1.1K
A UNIX security auditing tool based on several security frameworks. This scripts generates a scored audit report of a Unix host’s security. It is based on the CIS and other frameworks. Where possible there are references to the CIS and other benchmarks in the code documentation.
It can perform a lockdown. Unlike some other scripts it has the capability to backout changes. Files are backed up using cpio to a directory based on the date. Although it can perform a lockdown, as previously stated, we would recommend you address the warnings via policy, documentation and configuration management.
Supported Operating System
- Linux
- RHEL 5,6,7
- Centos 5,6,7
- Scientific Linux
- SLES 10,11,12
- Debian
- Ubuntu
- Amazon Linux
- Solaris (6,7,8,9,10 and 11)
- Mac OS X
- FreeBSD (needs more testing)
- AIX (needs more testing)
- ESXi (initial support – some tests)
How to run
Enter the following command to run lunar.
Usage: ./lunar.sh -[a|A|s|S|d|p|c|l|h|c|V] -[u] -a: Run in audit mode (no changes made to system) -A: Run in audit mode (no changes made to system) [includes filesystem checks which take some time] -s: Run in selective mode (only run tests you want to) -d: Print information for a specific test -S: List functions available to selective mode -l: Run in lockdown mode (changes made to system) -L: Run in lockdown mode (changes made to system) [includes filesystem checks which take some time] -c: Show changes previously made to system -p: Show previously versions of file -u: Undo lockdown (changes made to system) -h: Display usage -V: Display version -v: Verbose mode [used with -a and -A] [Provides more information about the audit taking place]